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We claim: 

1. Apparatus, comprising: 

a plurality of internet protocol (IP) services aggregation switches for 
communicating between respective access networks and a core network, 
each of said IP services aggregation switches communicating with at least 
one respective user; and 

a dynamic virtual private network (VPN) manager, for providing 
customer network management and policy server functions including a user 
interface enabling remote management of a VPN by a user; 

said VPN having at least one of a defined quality of service (QoS) 
parameter, a defined security parameter and a corresponding billing rate, at 
least one of said QoS parameter and said security parameter being adapted 
in response to user commands provided to said dynamic VPN manager. 

2. The apparatus of claim 1, wherein: 

said dynamic VPN manager adapts at least one of said IP services 
aggregation switches to provide at least one of a guaranteed QoS parameter 
and a guaranteed security parameter to said VPN. 

3. The apparatus of claim 1, wherein said IP services aggregation 
switches communicate with said at least one respective user via a respective 
enhanced integrated access device (EIAD). 

4. The apparatus of claim 1, wherein: 

said dynamic VPN manager adapts at least one of said enhanced 
integrated access devices (EIAD) to provide at least one of a guaranteed QoS 
parameter and a guaranteed security parameter to said VPN. 

5. The apparatus of claim 1, wherein said QoS parameter comprises at 
least one of a bandwidth parameter, a jitter parameter and a delay 
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6. The apparatus of claim 1, wherein said security parameter comprises 
at least one of an encryption parameter, an authentication parameter and a 
filtering parameter. 

5 

7. The apparatus of claim 1, wherein said VPN supports at least one of 
an interactive gaming application and a conferencing application. 

8. The apparatus of claim 1, wherein: 

10 said dynamic VPN manager is responsive to a user command to 

establish an application profile for a VPN, said application profile defining 
at least one of a QoS parameter, a security parameter and a corresponding 
billing rate for said VPN during at least one time period 

said dynamic VPN manager adapting said at least one of a QoS 

15 parameter and a security parameter of said VPN according to said 
application profile. 

9. The apparatus of claim 1, wherein a command received from a user 
comprises a user selection of one of a plurality of VPNs to join. 

20 

10. The apparatus of claim 1, wherein a command received from a user 
comprises a user selection of one of a plurality of applications based on 
VPNs to join. 

25 11. The apparatus of claim 9, wherein said plurality of VPNs have at 
least one of respective QoS requirements and security requirements, said 
QoS and security requirements having corresponding billing rates. 

12. The apparatus of claim 10, wherein said plurality of applications have 
30 at least one of respective QoS requirements and security requirements, said 
QoS and security requirements having corresponding billing rates. 
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13. The apparatus of claim 1, wherein said dynamic VPN manager 
comprises: 

an enhanced application portal (EAP), for providing said user 
interface to said VPN user and receiving therefrom VPN administration 
commands; 

a policy server, for communicating configuration parameters to 
network elements providing said VPN, said network configuration 
parameters determined according to VPN administration commands and 
profiles associated with said VPN administration commands; and 

a directory server, for storing VPN topology and operational 
parameters and providing said VPN topology and operational parameters to 
said policy server and said EAP, said VPN topology and operational 
parameters being updated by said EAP. 

14. The apparatus of claim 13, wherein said dynamic VPN manager 
further comprises: 

at least one element management system (EMS) for managing a 
plurality of network elements forming said VPN. 

15. The apparatus of claim 1, wherein said apparatus is included within 
an internet service provider (ISP) network including said access networks 
and said core network, said dynamic VPN manager being included within a 
data center of said ISP. 

16. The apparatus of claim 1, wherein said VPN has associated with it a 
respective name; 

said user being able to perform at least one of a VPN create, VPN 
modify, VPN store and VPN delete, command using said VPN name; 

said VPN modify command allows said user to modify at least one of 
said VPN's topology, QoS parameter, and security parameter. 
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17. The apparatus of claim 16, wherein said VPN is retrieved from 
storage, activated and deactivated using a corresponding VPN name. 

18. A dynamic virtual private network (VPN) manager, comprising: 
5 an enhanced application portal (EAP), for providing said user 

interface to said VPN user and receiving therefrom VPN administration 
commands; 

a policy server, for communicating configuration parameters to 
network elements providing said VPN, said network configuration 
10 parameters determined according to VPN administration commands and 
profiles associated with said VPN administration commands; and 
a directory server, for storing VPN topology and operational 
parameters and providing said VPN topology and operational parameters to 
said policy server and said EAP, said VPN topology and operational 
15 parameters being updated by said EAP. 

19. The dynamic VPN manager of claim 18, further comprising: 

at least one element management system (EMS) for managing a 
plurality of network elements forming said VPN. 

20 

20. The dynamic VPN manager of claim 18, wherein a managed VPN has 
associated with it at least one of a defined quality of service (QoS) 
parameter, a defined security parameter and corresponding billing rate, at 
least one of said QoS parameter and said security parameter being adapted 

25 in response to said VPN administration commands. 

21. The dynamic VPN manager of claim 18, wherein: 

said dynamic VPN manager is included within a Universal Mobile 
Telecommunications Services (UMTS) packet transport network, said access 
30 networks comprising Gateway Generalized Packet Radio Service support 
nodes (GGSNs), said user accessing said UMTS packet transport network 
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said dynamic VPN manager causing communications with said user 
communication device to be routed through a GGSN geographically 
proximate said user communications device. 

22. The dynamic VPN manager of claim 21, wherein said determination 
of geographic location is made during an authentication procedure. 

23. The dynamic VPN manager of claim 18, wherein: 

said apparatus is included within a CDMA-2000 packet transport 
network, said access networks comprising home agents, said user accessing 
said CDMA-2000 packet transport network with a communications device 
nominally assigned to a home agent; 

said dynamic VPN manager causing communications with said user 
communication device to be routed through a home agent geographically 
proximate said user communications device. 

24. The apparatus of claim 23, wherein said determination of geographic 
location is made during an authentication procedure. 

25. A method, comprising: 

receiving, from an authorized user, a request to modify a parameter 

of a virtual private network (VPN); 

retrieving a profile associated with said user request; and 
providing configuration parameters to at least one network element 

in response to said user request and said profile associated with said user 

request, said network element adapted by said configuration parameter to 

satisfy said parameter of said VPN. 

26. The method of claim 25, wherein said user request is received via an 
enhanced application portal. 
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27. The method of claim 25, wherein said parameter to be modified 
comprises a quality of service (QoS) parameter, said QoS parameter 
adapting a data flow through a network such that a minimum QoS level is 
guaranteed to at least a portion of said VPN traversing said network. 

28. The method of claim 25, wherein: 

said parameter to be modified comprises a security parameter, said 
security parameter adapting a data flow through a network such that a 
minimum security level is guaranteed to at least a portion of said VPN 
traversing said network. 

29. The method of claim 27, wherein said QoS parameter comprises at 
least one of a bandwidth parameter, a jitter parameter, a delay parameter. 

30. The method of claim 28, wherein said security parameter comprises 
at least one of an encryption parameter, an authentication parameter and a 
filtering parameter. 

31. The method of claim 21, wherein said VPN supports at least one 
application having associated with it at least one of respective QoS 
requirements and security requirements, said QoS and security 
requirements having corresponding billing rates. 

32. The method of claim 31, wherein said application comprises at least 
one of an interactive gaming application and a conferencing application. 

33. The method of claim 27, wherein said VPN has associated with it a 
respective name; 

said user being able to perform at least one of a VPN create, VPN 
modify, VPN store and VPN delete command using said VPN name; 

said VPN modify command allows said user to modify at least one of 
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34. The method of claim 33, wherein said VPN is retrieved from storage, 
activated and deactivated using a corresponding VPN name. 

35. An application programming interface (API) for use by an application 
to perform VPN management activities, said API performing the functions 
of: 

receiving, from an authorized user, a request to activate, deactivate, 
join, leave or modify a parameter of a virtual private network (VPN); 
retrieving a profile associated with said user request; and 
providing configuration parameters to at least one network element 
in response to said user request or said profile associated with said user 
request, said network element adapted by said configuration parameter to 
satisfy said parameter of said VPN. 

36. The API of claim 35, wherein said application executes on an 
enhanced application portal. 



